Entities that conduct ransomware attacks are using disturbing new tactics, according to a ransomware report from cloud security and content delivery provider Akamai Technologies.

The firm’s State of the Internet Report, entitled “Ransomware on the Move: Exploitation Techniques and the Active Pursuit of Zero-Days,” found that perpetrators increasingly are extracting sensitive information, which has become the primary source of extortion. This indicates that file backup is no longer sufficient protection against ransomware, according to the report.

The report also found that attacks focusing on zero-day and one-day vulnerabilities increased 143% between the first quarter of 2022 and the first quarter of this year. A zero-day exploit is one that is unknown to those interested in stopping it. A one-day exploit is one that is used on the day a patch is released.

The report also looked at industry verticals. Manufacturing saw a 42% increase in victims between the fourth quarter of 2021 and the same quarter in 2022. There was a 39% increase in healthcare victims during the same period.

Other highlights from the report:

· Organizations with revenue up to $50 million were the most at risk, with 65% of the total.

· Organizations with revenue above $500 million dollars made up 12% of the total.

· Victims of multiple ransomware attacks were more than six times likelier to experience the second attack within three months of the first attack.

· Financial services organizations saw an increase of 50% in the number of impacted organizations year over year. The retail vertical was third in ransomware victims per industry and saw a 9% increase.

“Adversaries behind ransomware attacks continue to evolve their techniques and strategies, striking at the heart of organizations by exfiltrating their critical and sensitive information,” Senior Vice President and General Manager for Enterprise Security at Akamai Pavel Gurvich said in a press release.

“It’s critical that organizations understand the techniques and tools deployed by adversaries in order to shield their critical assets, preserve trust in their brand and ensure business continuity.”